05-16-2014
It has been a couple of decades since I did any serious sys admin work and I've obviously not kept up with recent changes. So, as the next wild speculation, could there be a plug-in authentication module (PAM) installed that is only looking at the 1st six characters of a password for some users?
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Can anybody tell me how can I create an account without having to enter the password after editing the vipw file. I mean the system should automatically take care of the password encryption in the shadow file and I don't to enter the password again and the Account should be ready to go.
... (3 Replies)
Discussion started by: syedifti
3 Replies
2. UNIX for Dummies Questions & Answers
I am one of the newbies. I am trying to install RedHat Enterprise AS on my notebook (i know it is not a good start to go with it, but it is the only dvd i have) on Windows XP by using the Virtual PC 2007. The installation processes were very fine. However, i have problem when it boot up to its... (2 Replies)
Discussion started by: sanlen
2 Replies
3. UNIX for Advanced & Expert Users
hi all
i am writing a script to create user and group from the input given to script
for eg. script needs to values
1. mode - 1 or 2
2. id - if mode is 1 then id should be 2 char like x1 / v1 / v2
if mode is 2 then id should be 1 char like x / v / e
from these to values group is... (1 Reply)
Discussion started by: zedex
1 Replies
4. Solaris
Hi:
Could I set the:
- Login Time-out Interval
- Password History Count
- Lockout Duration
- Lockout Threshold
for user account in Sun Solaris 5.8.
Thanks for your help (6 Replies)
Discussion started by: mlsun
6 Replies
5. UNIX for Advanced & Expert Users
Hi,
I have installed open ldap according to the order from this video:
YouTube - bowendenning's Channel
sudo apt-get install slapd
sudo apt-get install ldap-utils
sudo apt-get install phpldapadmin
The installaion was good.
However it did NOT ask from me any password.
After I enter to... (0 Replies)
Discussion started by: programAngel
0 Replies
6. AIX
In AIX 5.3 tech level 11:
I want to setup a default password policy to have at least one
of each of the following: alpha character, numeric character, and "special"
character ("!", "&", etc).
The smitty Security and Users --> Passwords --> System Password
Policy screen only offers "MIN... (2 Replies)
Discussion started by: kikwit_phil
2 Replies
7. Solaris
Can anyone kindly explain to me the meaning of the default values of the code below please?
Thank you very much
#MINDIFF=3
#MINALPHA=2
#MINNONALPHA=1
#MINUPPER=0
#MINLOWER=0
#MAXREPEATS=0
#MINSPECIAL=0
#MINDIGIT=0
#WHITESPACE=YES (1 Reply)
Discussion started by: cjashu
1 Replies
8. AIX
What is the following output telling me?
fget_config -Av
---dar0---
User array name = 'BSNorth-DS4300'
dac3 ACTIVE dacNONE ACTIVE
Disk DAC LUN Logical Drive
hdisk4 dac3 0 TestDiskForAll
---dar1---
User array name = 'BSNorth-DS4300'
dac2 ACTIVE dacNONE ACTIVE
Disk DAC ... (0 Replies)
Discussion started by: petervg
0 Replies
9. SuSE
Hi,
I am setting password complexity in SLES 11. I am able to do most of things
pam-config -d --pwcheck
pam-config -a --cracklib
pam-config -a --cracklib-minlen=8
pam-config -a --cracklib-dcredit=-1
pam-config -a --cracklib-ocredit=-1
pam-config -a --pwhistory
pam-config -a... (1 Reply)
Discussion started by: solaris_1977
1 Replies
10. HP-UX
I need to set password compliance for some servers in my company.
However, the requirements are that we need to set different password policies for 3 different user groups within the company. These are :
System Users: i.e root, etc
Batch/Application Users: oracle, bscs, etc
Standard User:... (0 Replies)
Discussion started by: anaigini45
0 Replies
LEARN ABOUT MINIX
pam_ldap
pam_ldap(8) System Manager's Manual pam_ldap(8)
NAME
pam_ldap - PAM module for LDAP-based authentication
SYNOPSIS
pam_ldap.so [...]
DESCRIPTION
This is a PAM module that uses an LDAP server to verify user access rights and credentials.
OPTIONS
use_first_pass
Specifies that the PAM module should use the first password provided in the authentication stack and not prompt the user for a pass-
word.
try_first_pass
Specifies that the PAM module should use the first password provided in the authentication stack and if that fails prompt the user
for a password.
nullok Specifying this option allows users to log in with a blank password. Normally logins without a password are denied.
ignore_unknown_user
Specifies that the PAM module should return PAM_IGNORE for users that are not present in the LDAP directory. This causes the PAM
framework to ignore this module.
ignore_authinfo_unavail
Specifies that the PAM module should return PAM_IGNORE if it cannot contact the LDAP server. This causes the PAM framework to ig-
nore this module.
no_warn
Specifies that warning messages should not be propagated to the PAM application.
use_authtok
This causes the PAM module to use the earlier provided password when changing the password. The module will not prompt the user for
a new password (it is analogous to use_first_pass).
debug This option causes the PAM module to log debugging information to syslog(3).
minimum_uid=UID
This option causes the PAM module to ignore the user if the user id is lower than the specified value. This can be used to bypass
LDAP checks for system users (e.g. by setting it to 1000).
MODULE SERVICES PROVIDED
All services are provided by this module but currently sessions changes are not implemented in the nslcd daemon.
FILES
/etc/pam.conf
the main PAM configuration file
/etc/nslcd.conf
The configuration file for the nslcd daemon (see nslcd.conf(5))
SEE ALSO
pam.conf(5), nslcd(8), nslcd.conf(5)
AUTHOR
This manual was written by Arthur de Jong <arthur@arthurdejong.org>.
Version 0.8.10 Jun 2012 pam_ldap(8)